CVE-2011-1687

Name of the Vulnerable Software and Affected Versions Best Practical Solutions RT versions 3.0.0 through 3.6.10 Best Practical Solutions RT versions 3.8.0 through 3.8.9 Best Practical Solutions RT versions 4.0.0rc through 4.0.0rc7

Description The issue allows remote authenticated users to obtain sensitive information by using the search interface, which can be used to retrieve encrypted passwords.

Recommendations For versions 3.0.0 through 3.6.10, consider restricting access to the search interface until a fix is available. For versions 3.8.0 through 3.8.9, avoid using the search function with sensitive queries until the issue is resolved. For versions 4.0.0rc through 4.0.0rc7, as a temporary workaround, consider disabling the search interface to minimize the risk of exploitation.